AUTHENTICATED_USER is not reliable! [Was: [Zope] become
user(su inside Zope) - pretend to be another user]
Jim Kutter
jim at ebizq.net
Fri Oct 24 12:37:05 EDT 2003
I've been using the REQUEST.OTHER namespace for this purpose. Is that safe to do?
-jim
-----Original Message-----
From: Dario Lopez-Kästen [mailto:dario at ita.chalmers.se]
Sent: Friday, October 24, 2003 12:20 PM
Cc: zope at zope.org
Subject: Re: AUTHENTICATED_USER is not reliable! [Was: [Zope] become user(su inside Zope) - pretend to be another user]
Jens Vagelpohl wrote:
>> Why is everybody so obsessed with AUTHENTICATED_USER? This variable is
>> not suitable for anything deserving the name "security". It is NOT
>> SAFE to assume that it will contain anything useful.
>
>
> Amen to that.
>
> jens
Right, when can we consider REQUEST to be fairly safe? I.e. I know that
it cab be manuoulated by any kind of script during the lifetime of a
request, and aslo be populated from the URL. I consider manipulation
from scripts acceptable behaviour, from the URL not.
What I am actually trying to say is the following:
I need a secure namespace available, a` la REQUEST, during the lifetime
of a request - lets call it SAFE_REQUEST, that cannot be manipulated
from the URL. Preferrably RAM-bound.
Any ideas on how to achieve that (other than reading source, which I
allready have begun to).
Thanks,
/dario
--
-- -------------------------------------------------------------------
Dario Lopez-Ka"sten, IT Systems & Services Chalmers University of Tech.
_______________________________________________
Zope maillist - Zope at zope.org
http://mail.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )
More information about the Zope
mailing list